If you have a USB Drive that may or may not be contaminated, what is the best way to retrieve data from it without reinfecting yourself?
Asked
Active
Viewed 1.4k times
6 Answers
20
If you want to be completely sure, mount it on a Mac or Linux box. Seriously.
For an example, see the new shortcut icon exploit, which ALL Windows machines since NT have been vulnerable to. This exploit allows arbitrary code to be executed simply when the folder is opened. No Autorun required. No manual execution required. It infects the system as soon as the folder is opened.
If you don't have a real *nix (includes Mac) box, just boot from a LiveCD. You may want to scan with Clam AntiVirus while you're at it too.
Hello71
- 8,673
- 5
- 42
- 45
7
The first thing you absolutely need to do is disable autorun. There is a good tutorial here.
If it were me though, I'd boot to a non-writable OS (e.g. Knoppix) and copy the data off that way. Knoppix is outstanding for this sort of recovery.
Satanicpuppy
- 7,205
7
Mount it on a computer booted off of a Linux live boot CD and the hard drives (and any other USB drives too) disconnected.
Brian Knoblauch
- 4,911
1
If you are using windows then disable auto-run.
How to disable autorun: http://support.microsoft.com/kb/967715
Daisetsu
- 6,171
1
Holding the left shift while inserting the drive will temporarily disable autorun
Jason Berg
- 1,114
0
Disable auto-run as mentioned by Daisetsu and use the Command Prompt which won't be exploited.
Tamara Wijsman
- 57,881